Tag-Archive for » gateway «

Some of you may already know that I built a home server not too long ago. I documented some of the very important parts of how it was built though I was planning on releasing all the documentation all at once. I was using Arch Linux and I hadn’t nearly finished everything, especially the documentation. Piv txwv li, it was supposed to be a media server. After some disk shuffling, it was supposed to end up having aRAID1for the boot andRAID 10for the rest (the media part).

I got as far as having an efficient (thiab zoo–firewalled) routing gateway server. I was finally satisfied that the customised local routing* was working correctly and I was confident that my tests withDHCPmeant I could disable the DHCP service on the flimsyADSLrouter and have all myflatmatesstart using the server as the Internetgateway. Instead: I was logged in to the server from the office, I’d just installed Apache2**, and I was about to consult with a colleague regarding getting nice graphs put together so the flatmates could all see who was using up the bandwidth*** — when I noticed a little message indicating that the root filesystem had been remounted read-only due to some or other disk failure.

And then I lost my connection to the server.

And then I gained a foul mood.

🙁

When I arrived home, I found that, as I had guessed from the descriptive message given at the office, the (very) old 80GBIDEdisk that I was using for the root filesystem had failed. Unfortunately, the server would never boot again and there was little chance of prying everything off onto another disk to continue where I’d left off.

I’m buying a replacement (SATA) HDD this next weekend just after pay day – and I’ve changed my mind about documenting my progress… and backing up my configurations:

* ISPs in South Africa charge less (easy pricecomparison) for “local-only” (within South Africa) traffic on ADSL but only if you use an ADSL account that CANNOT access web services outside of South Africa. This means that if you want to take advantage of the reduced costs but still be able to access the Internet at large, you need to set up some sneaky routing.

** one-command-install: ~$ yaourt -S apache

*** Internet Access in SA is expensive – you get charged about R70 ($7 / £4.9 / €5.46) per GB when using ADSL, or about R2 per MB if using GPRS / 3G.

I’d never really had the need to connect to a VPN until this weekend. After connecting, I found that my Internet access was rather non-functional except to the VPN in question. A colleague happened to be on hand (he’d given me the access details in the first place) and he quickly suggested this workaround.

Today, a client had the same issue. Perhaps this problem is more common than I first thought.

When connecting to the VPN, Windows updates the default gateway on your desktop to reflect the VPN’s settings. Most likely, however, you only need to access specific subnets on the VPN and you want all unrelated traffic to use your “old” settings.

It turns out that its a simple checkbox that needs to be unchecked. The jist (sp.??) of finding the setting: Right-click the VPN in Network Connections -> Properties -> Internet Protocol (TCP/IP); [Properties] ; [Advanced], and uncheck the “[ ] Use default gateway on remote network”.

Then click the usual OK/Apply/Yes-of-course-your-dialogue-ness (all the while reading and absorbing any warnings appropriately) until you’re back to your Network Connections window. Right-click the VPN connection and disable / re-connect.

You should be able to confirm that the Default Gateway does not change by running the command-line appipconfigbefore and after enabling the VPN connection. Look specifically for the line labelled “Default Gateway”.

[edit reason=”moore”]…

It turns out that a possible reason for this setting being the default setting is for security. If your desktop happens to be compromised or inadvertently routing traffic, connecting to the VPN might expose the supposedly “private” network to the Internet.